FilipPwn / ExchangeHound

Public

ExchangeHound is a defensive BloodHound OpenGraph collector for on-prem Microsoft Exchange that maps mailbox delegation and Exchange privilege relationships to help blue teams find abuse paths and permission risks.

100% credibility

Found Apr 18, 2026 at 20 stars -- GitGems finds repos before they trend. Get early access to the next one.

AI Analysis

PowerShell

AI Summary

ExchangeHound is a defensive security tool that collects on-premises Microsoft Exchange permissions like mailbox delegations and maps them into a graph for visualization in BloodHound.

How It Works

🔍 Discover ExchangeHound

You hear about this tool from a security blog while looking for ways to spot risky email access in your company's system.

💻 Prepare your setup

Download the files to the computer you use to manage company email servers.

▶️ Run the scan

Start the collection with a simple command to gather details on who can access whose mailboxes.

📊 See the collection summary

Watch as it lists mailboxes, permissions, and relationships, giving you a clear overview of access rights.

📁 Save the report

Get a ready-to-use file summarizing all the email permission connections.

📤 Load into viewer

Upload the file to your security graph tool to create visual maps of permissions.

🔎 Spot the risks

Explore the maps to find hidden access paths and plan how to secure them.

🛡️ Secure your emails

You've uncovered potential weak spots in email access and can now make your system safer.

Sign up to see the full architecture

6 more

Star Growth

See how this repo grew from 20 to 20 stars Sign Up Free

Repurpose This Repo

Repurpose is a Pro feature

Generate ready-to-use prompts for X threads, LinkedIn posts, blog posts, YouTube scripts, and more -- with full repo context baked in.

Unlock Repurpose

AI-Generated Review

What is ExchangeHound?

ExchangeHound is a PowerShell collector that maps on-prem Microsoft Exchange permissions—like mailbox delegation, FullAccess, SendAs, and SendOnBehalf—into BloodHound OpenGraph format. It helps blue teams find abuse paths, privilege risks, and blind spots missed in standard AD analysis, outputting JSON you ingest directly into BloodHound CE for querying. Run it via simple CLI flags from Exchange Management Shell, scoping to OUs, filters, or optional collectors for folders, public folders, transport rules, and RBAC.

Why is it gaining traction?

It stands out by linking Exchange data to existing SharpHound AD graphs via SID resolution, revealing chains like kerberoastable delegates with mailbox rights that generic tools overlook. Users get pilot modes with result limits, remote server support, and noise filtering for actionable output, plus Python scripts for API-based BloodHound uploads. The hook is filling the Exchange gap in defensive BloodHound workflows without custom scripting.

Who should use this?

Blue teams and detection engineers auditing delegated access in Exchange-heavy enterprises. AD defenders scoping incidents or validating remediations after hardening. Security ops running continuous posture reviews on Tier Zero mailboxes and cross-team delegations.

Verdict

Grab it if you run on-prem Exchange and BloodHound—20 stars and 1.0% credibility signal early days, but solid docs and sample queries make it low-risk to pilot. Test on a subset first to confirm your env fit before full runs.

(198 words)

Sign up to read the full AI review Sign Up Free

Similar repos coming soon.

Stars

Forks

Followers

Base stars: 20 stars

Penalty: Very new repo (1d): -70%

Bonus: AI verified quality (100%)

Account age: 895 days

Repo age: 1 days

License: MIT

Updated: Apr 18, 2026